Skip to main content

Gitea 1.22.5 is released

· 2 min read
lunny
lunny
Gitea maintainer
1.22.5Release

We are excited to announce the release of Gitea version 1.22.5.

This update addresses two critical security issues, so we strongly recommend all users upgrade as soon as possible.

To deliver this release, we have successfully merged 13 pull requests.

Gitea was significantly impacted by the recently disclosed vulnerability in the Golang crypto library, identified as CVE-2024-45337. The announcement and details of the issue can be found in the Golang Announce group.

We extend our gratitude to the Golang team for addressing this critical security flaw, which has been resolved in Gitea through PR #32791.

Additionally, another important security issue was identified and resolved: branch deletion permissions were not adequately enforced after merging a pull request. This vulnerability has been patched in PR #32654.

A special thanks to @lunny for their prompt efforts in addressing these issues and ensuring the security of Gitea users.

How to Update

Download our pre-built binaries from the Gitea downloads page — make sure to select the version compatible with your platform. For a step-by-step guide on installation or upgrades, check out our installation documentation

Special Thanks

We would also like to thank all of our supporters on Open Collective who are helping to sustain us financially.

Looking for a seamless, hassle-free solution to manage your Git repositories? Discover Gitea Cloud — A fully-managed, scalable platform designed to streamline your development workflow.

Changelog

1.22.5 - 2024-12-11

  • SECURITY
  • BUGFIXES
    • Add standard-compliant route to serve outdated R packages (#32783) (#32789)
    • Fix internal server error when updating labels without write permission (#32776) (#32785)
    • Add Swift login endpoint (#32693) (#32701)
    • Fix fork page branch selection (#32711) (#32725)
    • Fix word overflow in file search page (#32695) (#32699)
    • Fix gogit GetRefCommitID (#32705) (#32712)
    • Fix race condition in mermaid observer (#32599) (#32673)
    • Fixe a keystring misuse and refactor duplicates keystrings (#32668) (#32792)
    • Bump relative-time-element to v4.4.4 (#32739)
  • PERFORMANCE
  • MISC
    • Don't create action when syncing mirror pull refs (#32659) (#32664)

Contributors

An icon showing wave propagation

Join our community

Gitea is open source. Star our GitHub repo, and join our community on Discord!

Go to GitHub  >Join Discord  >
An icon showing a paper plane

Subscribe to our newsletter

Stay up to date with all things Gitea